E-crime - Home Affairs Committee Contents

Annex: Glossary of terms

Apps — (abbreviation for 'application') a piece of software that can run on a computer, a mobile device, or from a web browser.

Bot — a computer that has been compromised to serve the hacker's need without the user's knowledge.

Botnet — a networks of bots which can act together to achieve a collective aim.

Browser — a web browser is a program used to access the World Wide Web

Conversation threads — messages which are grouped together (usually by subject), e.g. on an internet forum or by an email client like outlook or gmail, as a visual aid to the user.

Cookies — small data files generated by a website and saved onto your computer when you first visit the website. Their purpose is to identify you, so that the site can keep track of your movements ; they may also store your personal data or preferences. Some browsers allow users to delete specific cookies or prevent cookies from being created, this allows the user a higher level of privacy but could affect website functionality on their computer as many websites are designed to require cookies to function properly.

  • Session cookies — temporary files that are deleted when the browser is closed
  • Persistent cookies — files designed to store data for an extended period of time. Each persistent cookie is created with an expiration date, once the expiration date is reached, the cookie is automatically deleted. Persistent cookies are what allow websites to "remember you" for two weeks, one month, or any other amount of time.

Denial of Service (DoS) attack — an attack on a computer system (typically a web server) which aims to make the system unavailable by flooding it with internet traffic so that it becomes overloaded and inoperable.

Distributed Denial of Service (DDoS) attack — as above but carried out by a number of networked computers controlled by one master (a botnet).

Domain Name System (DNS) — The Internet uses the Domain Name System (DNS) to allow computers to identify each other. To connect to the Internet, each computer requires a unique numerical label called an IP address. IP addresses are matched to memorable labels called domain names, stored in a global database. For example, instead of typing the IP address, to connect to the computer that hosts the parliamentary website, the domain name www.parliament.uk is used.

Domain names generally follow the format www.xxxxx.yyy, where:

.yyy is the top level domain, which can be a country code such as '.uk' or a generic domain such as '.com' or '.org';

.xxxxx is the second level domain such as '.parliament', '.co' or '.google';

additional subdomains, such as 'www.' can be used to the left.

The DNS is coordinated to ensure addresses and domain names are unique. Due to the number of names and addresses they are stored on specialist computers.

Hosting / website hosting — Housing, serving and maintaining files for websites.  A Web Host provides internet access through a system called a server. A Web Hosting company may have many servers to hold many gigabytes of information. This requires a fast connection to the internet and most hosting companies offer fast connections which would be very expensive for businesses to take out for their individual websites.

Internet Protocol (IP) — the method or protocol by which data is sent from one computer to another on the Internet

IP address — see "Domain Name System"

Malware (malicious software) — A catch-all term for software with malicious intent. The uses of malicious software range from placing excessive demand on a computer's resources, to destruction of data or even hardware. In some cases the user is made aware of the presence of the malware, for example when it sends a message to the user or deletes the contents of a hard drive. Recent forms of malware may operate without the user's knowledge, steal financial information such as credit card details, or convert infected computers into an asset for the attacker.

Common types of malware work as follows:

  • Viruses infect computers or other electronic devices and are passed on by user activity, for example by opening an email attachment.
  • Worms self-propagate using an internet connection to access vulnerabilities on other computers and to install copies of themselves. They are often used as a conduit to grant attackers access to the computer.
  • Trojans are malware masquerading as something the user may want to download or install, that may then perform hidden or unexpected actions, such as allowing external access to the computer.
  • Spyware transmits information gathered from a computer, such as bank details, back to an attacker. For example 'keylogging' software records anything entered using the keyboard, such as passwords.

Phishing — Sending fraudulent emails to individuals that claim to come from a legitimate source (e.g. internet retailer or bank). The aim of these emails is to persuade the victim to voluntarily disclose sensitive information such as bank account and credit card details that can then be exploited to defraud them.

Root-kit — software to gain and maintain privileged access to computer systems; can be used to conceal other malware;

Trojan / Trojan Horse — Malicious software programmes which are disguised as benign applications such as computer games or antivirus software. Once installed on a system, they can cause data theft and loss, as well as system crashes or slowdowns. Trojans can also be used as launching points for other attacks, such as distributed denial of service (DDoS). Many Trojans are used to manipulate files on the victim computer, manage processes, remotely run commands, intercept keystrokes, watch screen images, and restart or shut down infected hosts. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.

URL (Universal resource Locator) — formatted text string used by Web browsers and other software to identify a network resource on the Internet. Network resources are files that can be plain Web pages, other text documents, graphics, or programs. A URL consists of three parts: a network protocol, a host name or address a file or resource location. 

Virus — A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action, (such as running an infected program) to keep it going. Because a virus is spread by human action people will unknowingly continue the spread of a computer virus by sharing infecting files or sending emails with viruses as attachments in the email.

Widgets — a "widget" is an application that sits on top of a Web site and offers users additional interactive features. There are four main types of Widget: (1) a widget engine (such as dashboard apps like Apple's Mac OS X v10.4, Windows Vista Sidebar, or Yahoo! Widgets), (2) GUI widgets (which are a component of a graphical user interface in which the user interacts), (3) Web widgets (which refer to a third party item that can be embedded in a Web page), and (4) mobile widgets (a third party item that can be embedded in a mobile phone).

Worms — A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided. The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receiver's address book, and the manifest continues on down the line.

previous page contents next page

© Parliamentary copyright 2013
Prepared 30 July 2013